Posted to commits@portals.apache.org by ta...@apache.org on 2016/03/29 04:26:15 UTC
svn commit: r1736939 - /portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml
Author: taylor
Date: Tue Mar 29 02:26:15 2016
New Revision: 1736939
URL: http://svn.apache.org/viewvc?rev=1736939&view=rev
Log:
adding CVE-2016-2171 to list of 2.3.0 vulnerabilities
Modified:
portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml
Modified: portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml
URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml?rev=1736939&r1=1736938&r2=1736939&view=diff
==============================================================================
--- portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml (original)
+++ portals/site/jetspeed/jetspeed-2.3/src/site/xdoc/security-reports.xml Tue Mar 29 02:26:15 2016
@@ -30,6 +30,7 @@
<li><a href='#CVE-2016-0710'>CVE-2016-0710: SQL injection in User Manager service</a></li>
<li><a href='#CVE-2016-0711'>CVE-2016-0711: Persistent Cross Site Scripting in links, pages and folders</a></li>
<li><a href='#CVE-2016-0712'>CVE-2016-0712: Reflected Cross Site Scripting in URI path</a></li>
+ <li><a href='#CVE-2016-2171'>CVE-2016-2171: Jetspeed User Manager REST service not restricted by Jetspeed Security</a></li>
</ul>
</section>
<section name="2.3.1 Release CVE Reports">
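Review bot: the new list entry names the symptom ("REST service not restricted by Jetspeed Security") where the three entries above it name the vulnerability class (SQL injection, persistent XSS, reflected XSS); for consistency consider a title such as "Missing authorization on the User Manager REST service", and apply the same wording to the subsection name that carries this title further down so the link text and the heading it targets stay identical.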
@@ -150,6 +151,33 @@ title="Minimize" class="action portlet-a
]]></source>
</p>
</subsection>
+
+ <a name="CVE-2016-2171"/>
+ <subsection name="CVE-2016-2171: Jetspeed User Manager REST service not restricted by Jetspeed Security">
+ <table>
+ <tr><td>Severity: </td><td>Important</td></tr>
+ <tr><td>Vendor: </td><td>The Apache Software Foundation</td></tr>
+ <tr><td>Versions Effected:</td><td> Jetspeed 2.3.0</td></tr>
+ <tr><td>Mitigation:</td><td>2.3.0 users should upgrade to 2.3.1</td></tr>
+ <tr><td>Credit:</td><td>This issue was discovered by Andreas Lindh</td></tr>
+ <tr><td>References:</td><td>http://tomcat.apache.org/security.html</td></tr>
+ </table>
+
+ <h4>Description:</h4>
+ <p>
+ The Jetspeed User Manager services are vulnerable to unauthorized access. The following APIs are not restricted by Jetspeed Security:
+ </p>
+ <source><![CDATA[
+ GET http://host/jetspeed/services/usermanager/users/
+ GET http://host/jetspeed/services/usermanager/users/{name}/
+ POST http://host/jetspeed/services/usermanager/users/{name}/
+ POST http://host/jetspeed/services/usermanager/users/
+ DELETE http://host/jetspeed/services/usermanager/users/{name}/
+ ]]></source>
+ <p>
+ In the upcoming 2.3.1 release, these URLs are properly secured by Jetspeed Security, requiring Administrative rights.
+ </p>
+ </subsection>
</section>
</body>
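Review bot: the Mitigation row says "2.3.0 users should upgrade to 2.3.1", but the description calls 2.3.1 "the upcoming 2.3.1 release", so as written the advisory offers no mitigation that a 2.3.0 deployment can apply today; add an interim workaround for the window before 2.3.1 ships (for example, deny access to `http://host/jetspeed/services/usermanager/` at the servlet container or a front-end proxy, or disable the User Manager REST service), and spell out the impact of the listed endpoints being unauthenticated: anyone who can reach the URL can enumerate, create, modify and delete portal users. The References row points at `http://tomcat.apache.org/security.html`, which is Tomcat's security page and looks pasted from another advisory; it should reference the Jetspeed advisory or the CVE entry instead. Minor: "Versions Effected" should read "Versions Affected".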